Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

WpOpal — Vulnerabilities & Security Advisories 15

Browse all 15 CVE security advisories affecting WpOpal. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Wpopal is a WordPress theme provider focusing on multipurpose website templates for businesses and online stores. Historically, the themes have been vulnerable to multiple security issues including remote code execution, cross-site scripting, and privilege escalation vulnerabilities, with 15 CVEs recorded. Common weaknesses include insufficient input validation and improper access controls in theme options and page builder components. While no major public security incidents have been widely documented, the consistent pattern of vulnerabilities suggests potential risks for unpatched installations, particularly in environments with outdated theme versions or default configurations.

Found 1 results / 15Clear Filters
Top products by WpOpal: Opal Estate Opal Estate Pro – Property Management and Submission Opal Membership Opal Woo Custom Product Variation Opal Hotel Room Booking (WordPress plugin) GG Woo Feed for WooCommerce Shopping Feed on Google and Other Channels Opal Widgets For Elementor GutenGeek Free Gutenberg Blocks for WordPress Opal Portfolio GG Bought Together for WooCommerce Opal Service
CVE IDTitleCVSSSeverityPublished
CVE-2025-62913 WordPress Opal Service plugin <= 1.9.1 - Cross Site Scripting (XSS) vulnerability — Opal ServiceCWE-79 6.5 Medium2025-10-27

This page lists every published CVE security advisory associated with WpOpal. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.